Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
Encryption Cellphones Communications Handhelds Privacy

BlackPhone, In Wake of Gemalto Fallout, Receives $50 Million In Funding 59

An anonymous reader writes The BlackPhone, a $600-plus encrypted Android handset designed to keep the prying eyes of criminals and the government out of mobile communications, is now fully owned by Silent Circle thanks to the company raking in investment cash. Terms of the buyout deal with Spanish smartphone maker Geeksphone, the phone's hardware manufacturer, were not disclosed. Silent Circle said Thursday that it has raised $50 million and plans on showing off an encrypted 'enterprise privacy ecosystem' at World Mobile Congress next week. A BlackPhone tablet is on the way, too.
This discussion has been archived. No new comments can be posted.

BlackPhone, In Wake of Gemalto Fallout, Receives $50 Million In Funding

Comments Filter:
  • NSA involvement ? (Score:5, Insightful)

    by Alain Williams ( 2972 ) <addw@phcomp.co.uk> on Saturday February 28, 2015 @04:24AM (#49152579) Homepage

    I have to ask: is there secret NSA involvement in this ? An inside man who will put a couple of back-doors in the 'phone.

    I have absolutely no knowledge that this is the case, but the NSA certainly has the resources & motivation to do so. It seems to have done this sort of thing in the past.

    • by chihowa ( 366380 )

      Silent Circle was partially founded by Philip Zimmermann, so that's supposed to lend some credibility to the operation. The company, and PZ in general, still operate on the premise that trust in them should be enough for anybody, so the operation will be opaque and the source closed.

      I really respect a lot of what Zimmermann has done, but we're finding out more and more that our trust in institutions was ill placed. I don't think his model works in our current world. Finding out in twenty years that Silent C

      • Zimmermann might well be good and honest ... but how well does he know the people who he will employ to help him ? What if one of them has a problem: financial/drugs/marital/... that allows the NSA to put pressure on them (''help them out of their sticky situation'') in return for ''something that is in the best interests of the USA'' ?

        In mitigation: they do publish their source code for review [silentcircle.com]. I don't know how easy it is to check that that is what is installed on the phone that you buy.

        • Sure... Publish the software. What the hell, publish the firmware too. You could even publish the schematics for all the chips.

          How would you as an end user validate that the nefarious bits aren't actually in the chips, transparently altering the firmware and bypassing protections in software.

          Sadly we are in a post-trust mode now. Nothing can be trusted no matter the source or your due diligence. It starts to feel a lot like the secret police watching your every move.

          Just to make things interesting, you a

  • by viperidaenz ( 2515578 ) on Saturday February 28, 2015 @04:26AM (#49152583)

    A company with offices in USA, under the jurisdiction of the FBI's NSL's

    • by Anonymous Coward on Saturday February 28, 2015 @05:37AM (#49152667)

      A company whose headquarters are in Geneva and complying with any secret order would violate Swiss constitution and make executives personally liable with guaranteed jail time.

      • by Anonymous Coward on Saturday February 28, 2015 @08:07AM (#49152919)

        Look up crypto ag. Switzerland can easily be buLlied.

        • by Anonymous Coward

          Hardly easy and a great source of PR from a company perspective if they refuse to comply with orders. You need to read machiavelli. How fantastic for sales would it be if you're the only company that's proven to tell the US to fuck off.

          Also note Zimmermann's involvement. The guy who stood up to the US in the 90s. These guys will go to jail before being bullied. No backdoor is their only right to exist.

      • by IamTheRealMike ( 537420 ) on Saturday February 28, 2015 @11:22AM (#49153615)

        The issue with Silent Circle isn't their jurisdiction. It's that their code is of deeply questionable quality. They recently had a remote code execution exploit that could be triggered just by sending a text message to their phone. It's been literally years since one of these affected mainstream software stacks, so how was that possible?

        Well, they wrote their own SMS parsing code, in C, and used JSON to wrap binary encrypted messages [azimuthsecurity.com] and there was a bug that could cause memory corruption when the JSON wasn't exactly in the form they expected.

        The amount of fail in that sentence is just amazing. They're a company which justifies its entire existence with security, writing software to run on a smartphone where the OS itself is written in a memory safe language (Java) and yet they are parsing overly complex data structures off the wire ..... in C. That isn't just taking risks, that's playing Russian roulette over and over again. And eventually it killed them. Remote code execution via SMS - ye gods.

        After learning about that exploit and more to the point, why it occurred, I will strongly recommend against using Silent Circle for anything. Nobody serious about security should be handling potentially malicious data structures in C, especially not when the rest of the text messaging app is written in Java. That's just crazy.

        • Remote code execution via SMS - ye gods.

          By itself, it's bad enough, but how it got past 'the crowd' is the issue to study.

  • by invictusvoyd ( 3546069 ) on Saturday February 28, 2015 @05:17AM (#49152631)
    and then installed this funny app which makes fart sounds . It asked for pemissions to my storage ,camera , mic , browser and girlfriend .
  • by msobkow ( 48369 ) on Saturday February 28, 2015 @07:04AM (#49152793) Homepage Journal

    Given that iOS and Android can and do encrypt user data now, and that web device communications encryption is largely a question of whether a site uses SSL/HTTPS, what is the distinguishing feature of these phones that would make them marketable?

    To me it looks like pure marketing hype, not a real benefit compared to other devices now that they've started using encryption.

    • by bsDaemon ( 87307 ) on Saturday February 28, 2015 @08:21AM (#49152953)

      End to end encrypted communications and the concept of circle of trust. The original creator of PGP is involved, but this product seems to be much easier to operate (although they still haven't fixed the problem of me convincing friends or family to also want one, therefor justifying my purchase as a personal device. They are therefor the BlackBerry of the Android world)

  • Proportional to the number of forum flooding (trolling and stupid questions) : relevant posts ratio (?)

  • Unless and until baseband code/chip is open, you will never fully know what the phone leaks. Ever.
  • This phone might be suitable for thwarting most criminals, however it would be susceptible to OTA attacks against the baseband (blackbox), which is now even more easily done with the compromised SIM private keys.
  • If I'm running a nation-state intelligence service unit devoted to mobile device intelligence gathering, I'm thinking BlackPhone is pretty awesome if it gets a solid adoption rate of people who are concerned about privacy. I'm going to get a pretty large subset of people who I probably want to spy on in the first place standardizing on a particular platform where I just need to develop one or two decent exploits. It allows me to concentrate my team's efforts on a much narrower technological problem than be
  • The fundamental truth of our time when it comes to mobile devices is that they are spy devices. It's a device that had a camera, microphone, GPS abilities, and we frequently use to communicate our most private thoughts with other people. If you want true privacy for particular content, don't use a mobile device.
  • Gosh, I thought digital cell phone voice packets ARE encrypted? What case has occurred where criminals have listened to cell phone voice calls? OK, OK, that leaves the NSA and of course no other foreign governments (which we all know, aren't listening). Given all of this to be true, how can we complain when we now know we can pick up our phone and speak directly to someone in the NSA? For this, we can thank Mr. Snowden and I would sorely miss this feature if I bought some super phone that only those desp

Beware of Programmers who carry screwdrivers. -- Leonard Brandwein

Working...